Some email clients do not work with Duo Multi-factor authentication for Office 365. If we're talking having Duo MFA for desktop login, there is the Duo Authenticator for Windows Login and RDP and that communicates with Duo very differently than all of the other web based apps out there.Which email clients will work with Duo for Office 365? Overview So you basically look toe valuate on a per-app basis your integration methods.Īs for desktop login, that's not something Duo SSO is intended to handle for general login purposes. GlobalProtect has less options available in comparison. These are the 4 main ways to get Duo added to an app/service (plus the aforementioned SSO against a 3rd party IdP that then points to Duo). In those two specific examples, you can do An圜onncet with Duo SSO, Duo Access Gateway, RADIUS (using Duo Auth Proxy) or LDAPS (which talks directly to Duo via API calls). The other way is to have Zoom do SSO to Duo SSO.Īn圜onnect, PAN GlobalProtect, and anything else that can support SAML as an identity source can all use Duo SSO. Pointing Zoom SSO to Azure AD and then using Azure AD Conditional Access (with Azure AD P1 plans) configured for the Zoom app to do MFA to Duo is one way to do.
If you want to use Duo you can't do it native in Zoom, you have to setup Zoom SSO to an IdP and then have that IdP integrate to Duo. Take something like Zoom for example-Their native MFA is using a free OTP app. Where they draw the line is by telling you that they still want you to rely on your existing identity sources as the gold master, and Duo will just bring in read-only copies from those sources.Īdditionally Duo isn't giving you any more features by sending something to Duo SSO, it exists purely to allow you to bring Duo MFA to products that do not have a native Duo integration for Duo.
This is the way Duo has always worked when it comes to identity source, but the they built the SSO product because all of their competitors have it as an option. AD, AAD, or even 3rd parties like Okta), by sync'ing in those objects into Duo. Duo still wants you to rely on some other source as the main IdP (ie. See here for more details: Ĭonsidering an auth proxy is probably a little more accurate because Duo isn't trying to be a full blown IdP (a la Okta for example).
Duo SSO is cloud hosted SAML 2.0 based identity provider.
0 kommentar(er)
